[TriLUG] stollen computer
Fred Stutzman
stutzman at email.unc.edu
Wed Oct 3 15:14:31 EDT 2001
On Wed, 3 Oct 2001, Chris Merrill wrote:
> Fred Stutzman said:
> > I'm guessing this is a linux machine, hence Trilug list.
>
> I've been assuming it is Windows. I thought that the Linux security
> provided some assurances that somebody accessing the box
> cannot simply login.
A properly secured Windows NT/2000 box will disallow local unauthorized
user login as well. Security is not just a Linux thing.
But...
Since services like FTP, DynDNS, and Apache are started at boot time, and
user independent, Eric would be able to discover, log in remotely and
administer the machine while the guy in Reston stares at the screen
waiting for Windows to boot up.
>
> Admittedly, with physical access to the computer, a determined
> hacker _will_ get in...but why bother? It seems unlikely that somebody
> who wanted in that bad (and had the talent to accomplish it) would not
> then be using the machine as if it was theirs...and would notice
> something like a dynamic DNS daemon?
>
> In fact...in this case, it's probably better if it is windows...otherwise
> they would have formatted the drive and installed windows and
> you'd have no way to trace it!
>
> Chris
> _______________________________________________
> TriLUG mailing list
> http://www.trilug.org/mailman/listinfo/trilug
>
More information about the TriLUG
mailing list